No announcement yet.

DoS - Denial of Service

  • Filter
  • Time
  • Show
Clear All
new posts

  • DoS - Denial of Service

    Denial of service is an attack that aims at preventing normal communications with a resource by disabling the resource iteself, or by disabling an intrastructure device providing connectivity to it. The disabled resource cound be in the form of customer data, websites, or a specific service or other.
    The most common form of a DoS attack is to flood the target with so much traffic that all available resources of the system are overwhelmed and unable to handle additional requests. The attacker floods the target network with extremely large amounts of useless data or data requests, thereby overwhelming the nework ad render it useless or unavailable to legitimate users.
    The means of successfully launching a DoS attack are many, but the end result is essentially the same; as an attacker, the goal is to completely remove the availability of the targeted resource. The goal of a DoS attack is to remove the "A" from the CIA triad.

    The signs of a typical DoS attack includes
    • Unavailability of a resource
    • Loss of access to a website
    • Slow performance
    • Increase in spam e-mails. This type of DoS attack is considered an e-mail bomb.

    Be cautious with concluding from the warning signs alone. Further examination is needed to determine if a genuine attack is in progress or just a localized network issue.

    Typical targets of DoS attacks range from government-owned resources to online vendors and others, and the intent of the attack is usually the deciding factor in terms of which target will be engaged. From a corporate perspective, the focus is always on the bottom line. A successful DoS attack against a corporation's web page or availability of back-end resources could easily result in a loss of millions of dollars in revenue depending on the size of the company. The negative impact of the brand name and company reputation must also be taken into consideration. The impact of a single DoS attack with specific directed intent can prove extremely damaging to the victim on many different levels.

    Another theme that pervades DoS attacks, as well as other attack forms, is hackers who take action against a target organization based on "principle" or a sense of personal mission, which is known as hacktivism. Hacktivists are a particularly concerning threat because their focus is not necessarily on personal gain or recognition; their success is measured by how much their malicious actions benefit their cause. This thought process ties in nicely with DoS attacks in that the message being "sent" can be left up to interpretation or, more commonly, be claimed by a group or individual.

    DoS attacks is extremely popular with cybercriminals and organized crime groups. These groups have organized themselves into complex hierarchies and structures designed to coordinate and magnify tje effects of a DoS attack. The groups use their organization to sometimes enact extortion schemes or to set up other moneymaking schemes. In other situations, these groups have been known to create botnets that they can later rent out for a price to any party who want to use such.
    DoS attacks are categorized as one of those that "can happen to anyone" realities. The tools and services for performing DoS attacks are plentiful and so is the availability which makes a DoS attack a common attack for both hackers and less technical individuals.

    DoS Targets...

    Web Server Compromise
    A successful DoS attack and subsequent compromise of a web server constitutes the wides public exposure against a specific target. What is seen most often is a loss of uptime for a company web page or web resource.

    Back-End Resources
    Back-End resources includes infrastructure items that support a public-facing resource such as a web page. DoS attacks that take down a back-end resource such as a customer database or server farm essentially render all frond-end resources unavailable.

    Network or Computer Specific
    DoS attacks are also launched from within a local area network, with intent to compromise the network itself, or to compromise a specific node such as a server or client system.
    Certified Security Geek